Ref: https://learn.cantrill.io/courses/2022818/lectures/45660748 [TECH-FUNDAMENTALS] =OR= https://learn.cantrill.io/courses/1820301/lectures/41301495 [SAA-C03]
YouTube: https://www.youtube.com/watch?v=6XW5cRa3ZKM
Border Gateway Protocol (BGP) - Key Concepts
- 🔧 Routing protocol → Peers exchange information on how to reach destinations
- Path-vector protocol → Peers exchange “best path” vector to destination
- Autonomous System (AS) = self-managing NW controlled by ONE entity → a BGP peer
- 💡 Black box from NW routing perspective
- Can be large NW, small collection of routers… doesn't matter, viewed as ONE peer
- Each AS has an allocated number → Autonomous System Number (ASN)
  - 16 bits → 0-65535
  - [64512-65534] range is for private ASNs
  - All ASNs outside of private range are public and globally unique
  - Public ASNs allocated by IANA (Internet Assigned Numbers Authority)
- BGP operates over tcp/179
- Includes error correction & flow control → BGP designed to be reliable and distributed
- ‼️ BGP is NOT automatic!! → Peering is manually configured!
- Once peering configured, ASs exchange routing information and network topology
- An AS learns about NWs from peers and communicates anything it learns to its peers
- This is how internet routing functions → All major NWs exchange routing & topology info constantly → Large BGP NW where peers are constantly exchanging info
- Autonomous System Path (ASPATH) = “Best path” to destination (that the AS is aware of)
- Even if AS knows many paths to a destination, it only communicates the ASPATH
- ‼️ ASPATH does NOT consider link speed or conditions, ONLY PATHS (hops/nodes)!!
- Shortest path always preferred by default
- 💡 Direct A→D path preferred by default over A→B→C→D because it's shorter… but the latter could be faster! (prepending techniques can fix this)
- Some types of BGP
  - iBGP (internal) → routing WITHIN an AS
  - eBGP (external) → routing BETWEEN ASs
  - AWS uses mostly eBGP (this lesson focuses on eBGP)
- 💡 BGP used by AWS Direct Connect (DX) and dynamic Site-to-Site VPNs
Simple Example of BGP Architecture

- 3 major metro areas: Brisbane (ASN=200), Adelaide (ASN=201), Alice Springs (ASN=202)
- 200↔201 and 201↔202 connections are fiber links, 200↔202 connection is satellite
- Every AS has a route table (RT)
- i = origin → the first ASPATH the AS is aware of is itself
- New entries in RTs added as ASs communicate with each other
- 💡 Brisbane CIDR communicated to Adelaide → Adelaide AS adds Brisbane CIDR to its RT and its ASPATH (200, i) → “One hop from origin”
- 💡 Alice Springs communicates its CIDR to Adelaide, who then communicates that path to Brisbane → Brisbane AS adds Alice Springs CIDR with ASPATH (201, 202, i) → “Two hops from origin”
- 💡 Alice Springs also communicates its CIDR to Brisbane → Brisbane AS adds Alice Springs CIDR with ASPATH (202, i) → Preferred path because it has fewer hops!
- As ASPATHs are exchanged, BGP network becomes HA with paths to every single NW
- If any AS fails, BGP would know how to route to the working sites
- ASPATH prepending = technique to artificially make short paths look longer (less preferable)
  - 💡 e.g. Satellite path is much slower than fiber path → use as backup, not main
  - Adds more ASNs to path → Alice Springs AS communicates to Brisbane AS that 200↔202 connection now has ASPATH (202, 202, 202, i) → Brisbane AS now prefers ASPATH (201, 202, i) because it's two hops compared to “three”
  - Satellite path still there in case fiber link path fails
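As an added example (not from the original notes or the course), a small Python simulation of the three-AS topology above: each AS announces its prefix to its peers, a receiving AS keeps the ASPATH with the fewest hops and drops any path that already contains its own ASN (BGP's loop check), and prepending is modelled as the announcing AS repeating its own ASN over one link. The CIDRs, the link list, the first-learned-wins tie-break and the "fewest hops only" best-path rule are assumptions; real BGP applies further tie-breakers (local preference, MED, etc.) that these notes do not cover.

```python
# Added example, not from the original notes: toy eBGP route propagation for
# Brisbane (200), Adelaide (201) and Alice Springs (202).
from collections import deque

# Constructed topology: ASN -> the prefix that AS originates (placeholder CIDRs)
PREFIXES = {200: "10.200.0.0/16", 201: "10.201.0.0/16", 202: "10.202.0.0/16"}
# Bidirectional peerings; 200<->202 is the slow satellite link.
LINKS = [(200, 201), (201, 202), (200, 202)]

def peers_of(asn):
    """All ASNs directly peered with `asn`."""
    return [b if a == asn else a for a, b in LINKS if asn in (a, b)]

def simulate(prepend=None):
    """Return {asn: {prefix: as_path_tuple}} after routes stop changing.

    prepend maps (announcing_asn, peer_asn) -> number of EXTRA copies of the
    announcing ASN added on that link, e.g. {(202, 200): 2} makes AS 202
    announce over the satellite link with ASPATH (202, 202, 202, i).
    An empty tuple () is the origin entry shown as "i" in the notes.
    """
    prepend = prepend or {}
    rt = {asn: {PREFIXES[asn]: ()} for asn in PREFIXES}
    queue = deque((asn, PREFIXES[asn]) for asn in PREFIXES)
    while queue:
        sender, prefix = queue.popleft()
        path = rt[sender][prefix]               # best path the sender knows NOW
        for peer in peers_of(sender):
            copies = 1 + prepend.get((sender, peer), 0)
            announced = (sender,) * copies + path
            if peer in announced:
                continue                        # loop prevention: own ASN in path
            current = rt[peer].get(prefix)
            # Only hop count matters; link speed is never considered.
            if current is None or len(announced) < len(current):
                rt[peer][prefix] = announced
                queue.append((peer, prefix))    # re-advertise the improved path
    return rt

def as_path_str(path):
    """Render a path tuple the way the notes do, e.g. (201, 202, i)."""
    return "(" + ", ".join([str(a) for a in path] + ["i"]) + ")"

if __name__ == "__main__":
    for label, table in (("no prepending", simulate()),
                         ("202 prepends x2 towards 200", simulate({(202, 200): 2}))):
        print(f"== {label} ==")
        for asn in sorted(table):
            for prefix, path in sorted(table[asn].items()):
                print(f"AS {asn}: {prefix} via {as_path_str(path)}")
```

Without prepending Brisbane reaches the Alice Springs prefix via (202, i); with two extra copies of 202 on the satellite link it switches to (201, 202, i), while the satellite route remains available to the simulator if the fiber peering is removed from LINKS.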